[
https://issues.apache.org/jira/browse/WSS-218?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12775435#action_12775435
]
Michel Schudel commented on WSS-218:
------------------------------------
Colm,
The patch supplied in WSS-210 does not fix this issue, which is in a different
method: getAliasForX509Cert(Certificate).
Have you fixed this bug (wss-218) in the private method
(getAliasForX509Cert(String, BigInteger) explicitly too?
Regards,
Michel
> getAliasForX509Cert(String, BigInteger) in CryptoBase returns null if not all
> aliases are certificates
> ------------------------------------------------------------------------------------------------------
>
> Key: WSS-218
> URL: https://issues.apache.org/jira/browse/WSS-218
> Project: WSS4J
> Issue Type: Bug
> Components: WSS4J Core
> Affects Versions: 1.5.8
> Reporter: Michel Schudel
> Assignee: Colm O hEigeartaigh
> Original Estimate: 4h
> Remaining Estimate: 4h
>
> We want to retrieve a certificate based an on X509IssuerSerial. Our keystore
> has not only the correct certificates but also a lot of secret (3DES) keys.
> The method getAliasForX509Cert(String, BigInteger) does not check if an
> alias is a certificate entry, resulting in a null return when the first alias
> found is a (secret) key.
> Please wrap line 334-353 in version 1.5.8 as follows:
> if (keystore.isCertificateEntry(alias) {
> (line 334-353)
> }
> That should do it.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
